Video Generator Free No Credits
PassAudited by VirusTotal on May 5, 2026.
Overview
Type: OpenClaw Skill Name: video-generator-free-no-credits Version: 1.0.0 The skill is a functional integration for a third-party video generation service (nemovideo.ai). It provides clear instructions for the AI agent to manage API sessions, handle file uploads, and poll for video rendering status. While it includes automated token acquisition and basic environment detection for 'skill attribution' (identifying the host platform like Cursor or OpenClaw), these behaviors are consistent with the stated purpose of the tool and do not show evidence of data exfiltration, unauthorized system access, or malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may trust the skill as unlimited and free, upload content, and only later encounter credit limits or payment restrictions.
The skill markets itself as having no credit limits or paywalls, but its own operational instructions describe limited free credits, credit exhaustion, and subscription-tier export blocks.
displayName: "Video Generator Free No Credits — Generate Videos Without Credit Limits" ... "create videos without credit limits or paywalls" ... "NEMO_TOKEN (100 free credits, 7-day expiry)" ... "2001 — out of credits" ... "402 — free plan export blocked ... subscription tier"
Revise the description to accurately disclose credit limits, token expiry, and any subscription restrictions before users send files or rely on exports.
The skill can act against the NemoVideo service using the provided or generated token for session creation, uploads, rendering, and credit checks.
The skill obtains or uses a bearer token for the video service, which is expected for a cloud integration but is still delegated account/session authority.
Look for `NEMO_TOKEN` in the environment... Otherwise: Generate a UUID as client identifier... POST `https://mega-api-prod.nemovideo.ai/api/auth/anonymous-token`... Extract `data.token`... All requests must include: `Authorization: Bearer <NEMO_TOKEN>`
Use a token intended only for this service, avoid sharing it, and revoke or rotate it if you no longer use the skill.
Text, images, video, and audio provided to the skill may be transmitted to the NemoVideo cloud service.
The skill sends user prompts and uploaded media to a third-party backend for processing; this is central to the purpose but affects privacy.
This skill connects to a cloud processing backend... Base URL: `https://mega-api-prod.nemovideo.ai` ... `/run_sse` ... `/api/upload-video/nemo_agent/me/<sid>` ... Accepted file types: mp4, mov, avi, webm, mkv, jpg, png, gif, webp, mp3, wav, m4a, aac.
Do not upload confidential or sensitive media unless you trust the provider and understand its retention and privacy practices.
The service may drive additional editing or export-related API calls within the session without showing every internal step to the user.
The agent is instructed to translate backend stream instructions into further API calls. This appears scoped to video-editing endpoints, but it means remote service responses influence tool actions.
Text events go straight to the user... Tool calls stay internal... The backend responds as if there's a visual interface. Map its instructions to API calls: "click" ... → execute the action via the relevant endpoint
Keep actions scoped to the documented NemoVideo endpoints and ask the user before uploads, exports, payments, or other high-impact actions.